'Roaming Mantis' Android Malware Evolves, Expands Targets
Roaming Mantis has evolved rapidly, adding geographies, platforms, and capabilities to its original scope.
The trend of malware that evolves and adapts continues with the so-called Roaming Mantis malware targeting Android devices, which has broadened both its geographic range and its functional scope.
In its new form, it's ticking off boxes for almost all the most popular malware trends. Mobile malware? Check. Roaming Mantis (also called XLoader and MoqHao by researchers) is malware that targets Android devices (though the latest version includes phishing modules aimed at iOS users, as well.
Cryptojacking? Check. The latest evolution of the malware adds cryptocurrency mining to the banking trojan payload of the original.
International scope? Check. While the original Roaming Mantis was a creature of southeast Asia, the new version has support for 27 different languages to allow for a much wider circulation.
DNS hijacking? Another check. Roaming Mantis uses DNS hijacking to spread from one victim to another throughout a growing infection.
Rapid evolution? The final check. In less than a month, Roaming Mantis has broadened its capabilities and enhanced its evasion techniques. It shows all the signs of being the product of a well-funded professional malware development organization, which adds weight to the tick mark in the final check box.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024